👔(backend) add Organization model

We introduce the Organization model has a "hat" for all users and team. Each User must have a "default" organization. Each Team must have an organization. When a User creates a new Team, the team is linked to their default Organization. For now the Organization should not be visible to end users this is a purely technical aspect as it. The models are also adding a permission to allow User to edit an Organization, but for now there are no endpoints for that. Next steps: - Add an Organization to each User and Team on all environments to mark Organization as mandatory in database. - Add scope to Organization to list the Service Provider list allowed for a User in an Organization. - Add endpoints + frontend to manage Organization's scopes
2024-10-17 15:30:00 +02:00
parent b602478406
commit ca886c19b0
14 changed files with 844 additions and 32 deletions
--- a/src/backend/people/settings.py
+++ b/src/backend/people/settings.py
@@ -388,6 +388,11 @@ class Base(Configuration):
        environ_name="USER_OIDC_FIELDS_TO_NAME",
        environ_prefix=None,
    )
+    OIDC_ORGANIZATION_REGISTRATION_ID_FIELD = values.Value(
+        default=None,
+        environ_name="OIDC_ORGANIZATION_REGISTRATION_ID_FIELD",
+        environ_prefix=None,
+    )

    OIDC_OP_TOKEN_INTROSPECTION_ENDPOINT = values.Value(
        None, environ_name="OIDC_OP_TOKEN_INTROSPECTION_ENDPOINT", environ_prefix=None
@@ -437,6 +442,15 @@ class Base(Configuration):
        environ_prefix=None,
    )

+    # Organizations
+    ORGANIZATION_REGISTRATION_ID_VALIDATORS = json.loads(
+        values.Value(
+            default="[]",
+            environ_name="ORGANIZATION_REGISTRATION_ID_VALIDATORS",
+            environ_prefix=None,
+        )
+    )
+
    FEATURES = {
        "TEAMS": values.BooleanValue(
            default=True, environ_name="FEATURE_TEAMS", environ_prefix=None
@@ -599,6 +613,15 @@ class Test(Base):
    # this is a dev credentials for mail provisioning API
    MAIL_PROVISIONING_API_CREDENTIALS = "bGFfcmVnaWU6cGFzc3dvcmQ="

+    ORGANIZATION_REGISTRATION_ID_VALIDATORS = [
+        {
+            "NAME": "django.core.validators.RegexValidator",
+            "OPTIONS": {
+                "regex": "^[0-9]{14}$",
+            },
+        },
+    ]
+

 class ContinuousIntegration(Test):
    """